﻿<%@ WebHandler Language="C#" Class="MoreOthers" %>

using System;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using StarTech.DBUtility;
using System.Text;

/// <summary>
/// 更多（个人中心的更多操作接口）
/// </summary>
public class MoreOthers : IHttpHandler
{
    
    AdoHelper ado = AdoHelper.CreateHelper("DB_Instance");
    string memberId = "";
    public void ProcessRequest(HttpContext context)
    {
        context.Response.ContentType = "text/plain";
        bool isAuth = (context.Request.Cookies["memberInfo"] != null && Common.CheckUser(context.Request.Cookies["memberInfo"].Value)) ? true : false;
        string flag = Common.NullToEmpty(context.Request["flag"]);
        
        if (isAuth == true)
        {
            memberId = context.Request.Cookies["memberInfo"].Value.Split(new string[] { "$$" }, StringSplitOptions.RemoveEmptyEntries)[0];
            if (flag == "editpwd1")
            {
                //修改密码
                context.Response.Write(EditPwd1(context.Request["pwd1"], context.Request["pwd2"]));
                
            }
            else if (flag == "editpwd2")
            {
                //修改交易密码
                context.Response.Write(EditPwd2(context.Request["pwd1"], context.Request["pwd2"]));

            }
            else if (flag == "checkpwd2")
            {
                //检查交易密码
                context.Response.Write(CheckPayPwd());

            }
            else if (flag == "feedback")
            {
                //意见反馈
                context.Response.Write(FeedBack(HttpUtility.UrlDecode(context.Request["info"])));
            }
            else if (flag == "applycash")
            {
                //提现申请
          
            }
           
        }
        
        if (flag == "indexad")
        {
            context.Response.Write(IndexAd());
        }
    }

    public string IndexAd()
    {
        System.Text.StringBuilder json = new System.Text.StringBuilder();
        System.Data.DataSet ds = ado.ExecuteSqlDataset("select Image,Link,Title from T_Ad where isnull(Image,'')<>'' order by sort asc");
        string host = "http://120.76.41.179:8002";
        for (int j = 0; j < ds.Tables[0].Rows.Count; j++)
        {
            string url = ((ds.Tables[0].Rows[j]["Link"].ToString() == "http://") ? "" : ds.Tables[0].Rows[j]["Link"].ToString());
            if (url == "")
            {
                json.Append("<li><img src=\"" + host + ds.Tables[0].Rows[j]["Image"].ToString() + "\"></li>");
            }
            else
            {
                json.Append("<li><a href=\"" + url + "\"><img border=0 src=\"" + host + ds.Tables[0].Rows[j]["Image"].ToString() + "\"></a></li>");
            }
        }
        if (json.ToString().Length < 1) { return "<li><img src=\"Images/Banner.jpg\"></li>"; }
        return json.ToString();
    }


    private string EditPwd1(string pwd1, string pwd2)
    {
        pwd1 = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(pwd1, "MD5");
        pwd2 = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(pwd2, "MD5");
        object checkObj = ado.ExecuteSqlScalar("select memberId from T_Member_Info where memberId='" + this.memberId + "' and Password='" + pwd1 + "'");
        if (checkObj == null) { return "原始旧密码错误"; }

        string strSql = @"update T_Member_Info set Password=@Pwd where MemberId=@MemberId";
        SqlParameter[] p3 = new SqlParameter[] {
                    new SqlParameter("@Pwd",pwd2),
                    new SqlParameter("@MemberId",this.memberId)
                };
        int result = ado.ExecuteSqlNonQuery(strSql, p3);
        if (result == 1)
        {
            HttpContext.Current.Response.Cookies.Add(new HttpCookie("memberInfo", memberId + "$$" + pwd2));
        }
        return result.ToString();
    }
    
    /// <summary>
    /// 交易密码是否存在
    /// </summary>
    private string CheckPayPwd()
    {
        object checkObj = ado.ExecuteSqlScalar("select PasswordPay from T_Member_Info where memberId='" + this.memberId + "'");
        if (checkObj == null) { return "0"; }
        if (checkObj.ToString() == "") { return "0"; }
        return "1";
    }
    
    
    /// <summary>
    /// 交易密码
    /// </summary>
    private string EditPwd2(string pwd1, string pwd2)
    {
        pwd1 = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(pwd1, "MD5");
        pwd2 = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(pwd2, "MD5");

        if (CheckPayPwd() == "1")
        {
            object checkObj = ado.ExecuteSqlScalar("select memberId from T_Member_Info where memberId='" + this.memberId + "' and PasswordPay='" + pwd1 + "'");
            if (checkObj == null) { return "原始旧密码错误"; }
        }
        
        string strSql = @"update T_Member_Info set PasswordPay=@Pwd where MemberId=@MemberId";
        SqlParameter[] p3 = new SqlParameter[] {
                    new SqlParameter("@Pwd",pwd2),
                    new SqlParameter("@MemberId",this.memberId)
                };
        int result = ado.ExecuteSqlNonQuery(strSql, p3);
        return result.ToString();
    }
    
    
    

    private string FeedBack(string info)
    {
        string strSql = "insert into T_TSInfo(MemberId,Subject,FillTime) values('" + this.memberId + "','" + info.Replace("'", "") + "',getdate())";

        int result = ado.ExecuteSqlNonQuery(strSql);
        if (result > 0)
        {
            return "1";
        }
        return result.ToString();
    }
    

    
    public bool IsReusable {
        get {
            return false;
        }
    }

}